Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kubeadm: add mutation for Linux paths in KubeletConfiguration on Windows #105992

Merged
merged 1 commit into from Nov 12, 2021
Merged

kubeadm: add mutation for Linux paths in KubeletConfiguration on Windows #105992

merged 1 commit into from Nov 12, 2021

Conversation

hwdef
Copy link
Member

@hwdef hwdef commented Oct 29, 2021
edited by k8s-ci-robot

fix absolute paths do not work properly in config files in windows

What type of PR is this?

/kind bug

What this PR does / why we need it:

Because linux and windows express the absolute path differently, some errors may be caused.

This pr fixes this bug, the fix method comes from https://gist.github.com/neolit123/1b7375c8a956155a2ca1cdd901336bce

Which issue(s) this PR fixes:

Fixes # kubernetes/kubeadm#2419

Special notes for your reviewer:

Does this PR introduce a user-facing change?

kubeadm: fix a bug on Windows worker nodes, where the downloaded KubeletConfiguration from the cluster can contain Linux paths that do not work on Windows and can trip the kubelet binary.

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. kind/bug Categorizes issue or PR as related to a bug. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Oct 29, 2021
@k8s-ci-robot k8s-ci-robot added area/kubeadm sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Oct 29, 2021
@hwdef
Copy link
Member Author

hwdef commented Oct 29, 2021

/assign @neolit123

We can communicate here.

hwdef
hwdef commented Oct 29, 2021
View reviewed changes
cmd/kubeadm/app/componentconfigs/kubelet.go Outdated
}

// Mutate the fields we care about.
mutateStringField("resolvConf", cfg.ResolverConfig, true) // make sure this is disabled on Windows
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@neolit123
Compared with your code, I changed this because this field becomes a pointer.

Copy link
Member

@neolit123 neolit123 Nov 2, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i guess this was causing the panic you saw when testing?

OK, i just saw your comment below.

@hwdef
Copy link
Member Author

hwdef commented Oct 29, 2021

And the mutatePathsOnWindows is panicing because cfg.ResolverConfig is nil.

@neolit123
Copy link
Member

thanks, i will have a look tomorrow.

neolit123
neolit123 reviewed Nov 2, 2021
View reviewed changes
Copy link
Member

@neolit123 neolit123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/ok-to-test
/triage accepted
/priority backlog
/sig windows

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. triage/accepted Indicates an issue or PR is ready to be actively worked on. priority/backlog Higher priority than priority/awaiting-more-evidence. sig/windows Categorizes an issue or PR as relevant to SIG Windows. and removed needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Nov 2, 2021
@neolit123
Copy link
Member

/release-note-edit

kubeadm: fix a bug on Windows worker nodes, where the downloaded KubeletConfiguration from the cluster can contain Linux paths that do not work on Windows and can trip the kubelet binary.

@neolit123
Copy link
Member

given i wrote this a while back in gist the change looks fine to me, but i would like to get a second opinion on the idea to have Mutate() on the component config.

/cc @SataQiu @pacoxu
any objections to that?

SataQiu
SataQiu reviewed Nov 7, 2021
View reviewed changes
cmd/kubeadm/app/componentconfigs/kubelet.go
@@ -212,6 +216,63 @@ func (kc *kubeletConfig) Default(cfg *kubeadmapi.ClusterConfiguration, _ *kubead
}
}

// Mutate modifies absolute path fields in the KubeletConfiguration to be Windows compatible absolute paths.
func (kc *kubeletConfig) Mutate() error {
if runtime.GOOS != "windows" {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems ok to add the Mutate() error function as a post hook before writing config to the disk.
Not sure we should check the os by runtime.GOOS != "windows" or // +build !windows.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It seems ok to add the Mutate() error function as a post hook before writing config to the disk.

Mutate operates on the KubeletConfiguration object and Marshal finalizes the object converting it to yaml string, thus it has to be before Marshal.

Not sure we should check the os by runtime.GOOS != "windows" or // +build !windows

+build !windows is better, but one problem is that if we move the *windows logic to _windows.go files, the unit test will not be run...currently the k8s CI only runs the Linux unit tests.

@hwdef i think we can have a TODO above the `if runtime.GOOS != "windows" line

TODO: use build tags and move the Windows related logic to _windows.go files once the kubeadm code base is unit tested for Windows as part of CI - "GOOS=windows go test ...".

(please keep the commits squashed)

@k8s-ci-robot k8s-ci-robot removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 10, 2021
@RA489
Copy link

RA489 commented Nov 10, 2021

/retest

@neolit123
Copy link
Member

neolit123 commented Nov 10, 2021
edited

added a couple of new comments above:
#105992 (comment)
#105992 (comment)

note that code freeze for 1.23 is early next week...otherwise the PR will have to wait for 1.24 (starts in mid december)

@hwdef hwdef force-pushed the fix-kubeadm-2419 branch 2 times, most recently from b7e7d63 to 7aff6e3 Compare November 11, 2021 03:17
@hwdef
Copy link
Member Author

hwdef commented Nov 11, 2021

/test pull-kubernetes-unit

@hwdef hwdef force-pushed the fix-kubeadm-2419 branch 3 times, most recently from 2ab266d to 85e3dfc Compare November 11, 2021 06:56
@hwdef
Copy link
Member Author

hwdef commented Nov 11, 2021

@neolit123
I updated the code and the test code. And I did some test in windows node. It looks like normol.

And I add the blank line in import, I got the ci error again.I think these errors are weird. And I didn't find any solution, please take a look.

@neolit123
Copy link
Member

neolit123 commented Nov 11, 2021
edited

the errors in CI are because there are multiple pkg/errors imports.
also include a fix for a mistake i've made.

cfg.ResolverConfig should always be made "".

diff --git a/cmd/kubeadm/app/componentconfigs/kubelet.go b/cmd/kubeadm/app/componentconfigs/kubelet.go
index 397965971cd..2da3e8139f7 100644
--- a/cmd/kubeadm/app/componentconfigs/kubelet.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet.go
@@ -24,7 +24,6 @@ import (
 
        "github.com/pkg/errors"
 
-       "github.com/pkg/errors"
        "k8s.io/apimachinery/pkg/util/version"
        clientset "k8s.io/client-go/kubernetes"
        "k8s.io/klog/v2"
@@ -284,9 +283,7 @@ func mutatePathsOnWindows(cfg *kubeletconfig.KubeletConfiguration, drive string)
 
        // Mutate the fields we care about.
        klog.V(2).Infof("[componentconfig] kubelet/Windows: changing field \"resolverConfig\" to empty")
-       if cfg.ResolverConfig == nil {
-               cfg.ResolverConfig = utilpointer.String("") // Make sure this is empty on Windows
-       }
+       cfg.ResolverConfig = utilpointer.String("") // Make sure this is empty on Windows
        mutateStringField("staticPodPath", &cfg.StaticPodPath)
        mutateStringField("authentication.x509.clientCAFile", &cfg.Authentication.X509.ClientCAFile)
 }
diff --git a/cmd/kubeadm/app/componentconfigs/kubelet_test.go b/cmd/kubeadm/app/componentconfigs/kubelet_test.go
index e1385bb67e4..2002fca8c89 100644
--- a/cmd/kubeadm/app/componentconfigs/kubelet_test.go
+++ b/cmd/kubeadm/app/componentconfigs/kubelet_test.go
@@ -320,7 +320,7 @@ func TestMutatePathsOnWindows(t *testing.T) {
                                },
                        },
                        expected: &kubeletconfig.KubeletConfiguration{
-                               ResolverConfig: &fooResolverConfig,
+                               ResolverConfig: utilpointer.String(""),
                                StaticPodPath:  filepath.Join(drive, "/foo/staticpods"),
                                Authentication: kubeletconfig.KubeletAuthentication{
                                        X509: kubeletconfig.KubeletX509Authentication{
@@ -341,7 +341,7 @@ func TestMutatePathsOnWindows(t *testing.T) {
                                },
                        },
                        expected: &kubeletconfig.KubeletConfiguration{
-                               ResolverConfig: &fooResolverConfig,
+                               ResolverConfig: utilpointer.String(""),
                                StaticPodPath:  "./foo/staticpods",
                                Authentication: kubeletconfig.KubeletAuthentication{
                                        X509: kubeletconfig.KubeletX509Authentication{

@neolit123
Copy link
Member

/retitle kubeadm: add mutation for Linux paths in KubeletConfiguration on Windows

@k8s-ci-robot k8s-ci-robot changed the title kubeadm: Fix the problem that the absolute path in the windows do not work in the config file. kubeadm: add mutation for Linux paths in KubeletConfiguration on Windows Nov 11, 2021
@hwdef
Copy link
Member Author

hwdef commented Nov 12, 2021

@neolit123 I updated the code and test code.
But regarding the ci error, it still has not been resolved.I checked the code and confirmed that only one "github.com/pkg/errors" package was imported. When I add a blank line after "github.com/pkg/errors", ci will think that I have imported two error packages, After deleting this blank line, everything looks normal.

@neolit123
Copy link
Member

neolit123 commented Nov 12, 2021
edited

i tested your patch locally and i saw 2 pkg error imports:

       "github.com/pkg/errors" <---- 1
 
       "github.com/pkg/errors" <---- 2
        "k8s.io/apimachinery/pkg/util/version"
        clientset "k8s.io/client-go/kubernetes"
        "k8s.io/klog/v2"

this is not visible in the github diff for some reason.
this is odd....

@neolit123
Copy link
Member

the pkg/error import is already out of place in the current master branch:
https://github.com/kubernetes/kubernetes/blob/master/cmd/kubeadm/app/componentconfigs/kubelet.go#L22

so let's leave it like that...

neolit123
neolit123 reviewed Nov 12, 2021
View reviewed changes
Copy link
Member

@neolit123 neolit123 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the PR!
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 12, 2021
@neolit123
Copy link
Member

/hold cancel

@k8s-ci-robot k8s-ci-robot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Nov 12, 2021
@k8s-ci-robot k8s-ci-robot merged commit 35f9bca into kubernetes:master Nov 12, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.23 milestone Nov 12, 2021
@neolit123 neolit123 mentioned this pull request Nov 12, 2021
Closed
@hwdef hwdef deleted the fix-kubeadm-2419 branch November 25, 2021 08:54
This was referenced Apr 8, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neolit123 neolit123 neolit123 left review comments

@SataQiu SataQiu SataQiu left review comments

@RA489 RA489 Awaiting requested review from RA489

@yagonobre yagonobre Awaiting requested review from yagonobre

@pacoxu pacoxu Awaiting requested review from pacoxu

Assignees

@neolit123 neolit123

@pacoxu pacoxu

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/kubeadm cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/bug Categorizes issue or PR as related to a bug. lgtm "Looks good to me", indicates that a PR is ready to be merged. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. priority/backlog Higher priority than priority/awaiting-more-evidence. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cluster-lifecycle Categorizes an issue or PR as relevant to SIG Cluster Lifecycle. sig/windows Categorizes an issue or PR as relevant to SIG Windows. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. triage/accepted Indicates an issue or PR is ready to be actively worked on.
Projects
None yet
Milestone
v1.23
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@hwdef @neolit123 @pacoxu @k8s-ci-robot @RA489 @SataQiu